Bug 48096 - gnutls28: Multiple issues (4.2)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.2
All Linux
Importance: P3 normal
Target Milestone: UCS 4.2-5-errata
Assigned To: Quality Assurance
Philipp Hahn
Depends on:
Blocks:
Reported: 2018-11-05 08:42 CET by Quality Assurance
Modified: 2018-11-07 15:04 CET (History)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)


Description Quality Assurance univentionstaff 2018-11-05 08:42:08 CET
New Debian gnutls28 3.3.30-0+deb8u1 fixes:
This update addresses the following issues:
* HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (CVE-2018-10844)
* HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant (CVE-2018-10845)
* "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery (CVE-2018-10846)
Comment 1 Quality Assurance univentionstaff 2018-11-05 09:52:10 CET
--- mirror/ftp/4.2/unmaintained/4.2-4/source/gnutls28_3.3.8-6+deb8u7.dsc
+++ apt/ucs_4.2-0-errata4.2-5/source/gnutls28_3.3.30-0+deb8u1.dsc
@@ -1,3 +1,47 @@
+3.3.30-0+deb8u1 [Tue, 30 Oct 2018 10:26:33 -0400] Antoine Beaupré <anarcat@debian.org>:
+
+  * Non-maintainer upload by the LTS Security Team.
+  * Backport 3.3.30 from upstream to address CVE-2018-10844,
+    CVE-2018-10845 and CVE-2018-10846.
+  * Add net-tools dependency for test suite which expects the netstat
+    command.
+  * Removed patches already present upstream:
+    * 35_recheck_urandom_fd.diff
+    * 36_less_refresh-rnd-state.diff
+    * 37_X9.63_sanity_check.diff
+    * 38_testforsanitycheck.diff
+    * 39_check-whether-the-two-signatur.patch
+    * 40_no_more_ssl3.diff
+    * 45_eliminated-double-free.diff
+    * 46_Better-fix-for-the-double-free.diff
+    * 47_GNUTLS-SA-2015-3.patch
+    * 50_Handle-zero-length-plaintext-for-VIA-PadLock-functio.patch
+    * 51_0001__gnutls_session_sign_algo_enabled-do-not-consider-an.patch
+    * 51_0002_before-falling-back-to-SHA1-as-signature-algorithm-i.patch
+    * 51_0003_tests-added-reproducer-for-the-MD5-acceptance-issue.patch
+    * 52_CVE-2016-7444_ocsp-corrected-the-comparison-of-the-serial-size-in-.patch
+    * 53_nettle-use-rsa_-_key_prepare-on-key-import.patch
+    * 55_00_pkcs12-fixed-the-calculation-of-p_size.patch
+    * 55_01_gnutls_x509_ext_import_proxy-fix-issue-reading-the-p.patch
+    * 55_02_auth-rsa-eliminated-memory-leak-on-pkcs-1-formatting.patch
+    * 55_03_opencdk-Fixes-to-prevent-undefined-behavior-found-wi.patch
+    * 55_04_Do-not-infinite-loop-if-an-EOF-occurs-while-skipping.patch
+    * 55_05_Attempt-to-fix-a-leak-in-OpenPGP-cert-parsing.patch
+    * 55_06_Corrected-a-leak-in-OpenPGP-sub-packet-parsing.patch
+    * 55_07_opencdk-read_attribute-added-more-precise-checks-whe.patch
+    * 55_08_opencdk-cdk_pk_get_keyid-fix-stack-overflow.patch
+    * 55_09_opencdk-added-error-checking-in-the-stream-reading-f.patch
+    * 55_10_opencdk-improved-error-code-checking-in-the-stream-r.patch
+    * 55_11_opencdk-read-packet.c-corrected-typo-in-type-cast.patch
+    * 55_12_gnutls_pkcs11_obj_list_import_url2-Always-return-an-.patch
+    * 55_13_cdk_pkt_read-enforce-packet-limits.patch
+    * 55_15_opencdk-do-not-parse-any-secret-keys-in-packet-when-.patch
+    * 55_16_Enforce-the-max-packet-length-for-OpenPGP-subpackets.patch
+    * 56_CVE-2017-7507_1-ext-status_request-ensure-response-IDs-are-pro.patch
+    * 56_CVE-2017-7507_2-ext-status_request-Removed-the-parsing-of-resp.patch
+    * 56_CVE-2017-7507_3-gnutls_ocsp_status_request_enable_client-docum.patch
+    * 57_urandom-use-st_ino-and-st_rdev-to-determine-device-u.patch
+
 3.3.8-6+deb8u7 [Sat, 24 Jun 2017 17:50:21 +0200] Andreas Metzler <ametzler@debian.org>:
 
   * 57_urandom-use-st_ino-and-st_rdev-to-determine-device-u.patch from
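Review bot: The removed-patch list jumps from 55_13 to 55_15; if a 55_14 patch existed in the deb8u7 packaging, the entry should say whether it was dropped as well or deliberately kept. For the security-relevant entries (52_CVE-2016-7444, the three 56_CVE-2017-7507 patches, and 57_urandom, which the deb8u7 entry just below shows was only added in the previous upload) "already present upstream" would be easier to verify if the entry named the upstream 3.3.x release or commit that carries each fix. Also, "Add net-tools dependency for test suite" should state whether this is a Build-Depends or a runtime Depends, since a need that exists only for the test suite should not add a runtime dependency to the binary packages.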

<http://10.200.17.11/4.2-5/#2237182615997130751>
Comment 2 Philipp Hahn univentionstaff 2018-11-05 13:13:10 CET
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.2-5] 4b534c0f19 Bug #47787: EOL UCS-4.2-4 2018-10-31
 doc/errata/staging/gnutls28.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

[4.2-5] 4e9c858ff9 Bug #48096: gnutls28 3.3.30-0+deb8u1
 doc/errata/staging/gnutls28.yaml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
Comment 3 Arvid Requate univentionstaff 2018-11-07 15:04:28 CET
<http://errata.software-univention.de/ucs/4.2/541.html>